您的位置: 开心技术乐园 > 技术乐园 > 阅读文章

勒索病毒安全加固工具最新版下载,一键预防病毒感染!

  直到前两天单位又有电脑中永恒之蓝勒索病毒,才意识到这个病毒或者说这一类病毒并不是说过去了就过去了,而是一直存在的。而且单位内部电脑中了此病毒之后更加麻烦,因为它会向局域网其它电脑进行扩散传播。所以我们网管员第一时间在交换机上关机了445端口,以防止其感染其它未打补丁的电脑。但是这样一来,好多办公室都出现了打印机无法共享的现象。

  WannaCry 勒索软件一旦中招之后会加密硬盘文件,无法恢复,因为它的加密算法是不可逆的,除非你支付相关的赎金,所以说危害很严重,一定要引起重视。针对此病毒,我们可以做的:
一、终端电脑立即打上 MS17-010 漏洞补丁
二、外部的网络设备上(路由器防火墙、IPS等)屏蔽445端口

  绿盟科技是国内著名的网络安全厂商,在我读大学那会已经很有名气了,他们出了一个勒索病毒安全加固工具V1.4,是 BAT 程序,下载下来之后看了源代码。它的“加固”方式主要是两点:一是关闭了 Server 服务,二是通过防火墙屏蔽了445端口。程序适用于 Windows 7/10/ 和 Windows Server 2003/2008/2012/2016,使用方便,特此推荐,代码如下。

@echo off
mode con: cols=85 lines=40
:NSFOCUSXA
title  WannaCry勒索病毒安全加固工具  
color 0A
cls
echo.                   
echo.                      
echo -----------------------  WannaCry勒索病毒安全加固工具  --------------------------
echo.                                                                         
echo.       
echo    * WannaCry勒索软件可加密硬盘文件,受害者必须支付高额赎金才有可能解密恢复,安
echo      全风险高,影响范围广!
echo.                                                                     
echo    * 网络层面:建议边界防火墙阻断445端口的访问,可通过IPS、防火墙相关安全设备配
echo      置相关阻断策略。    
echo.
echo    * 终端层面:暂时关闭Server服务,使用命令"netstat -ano | findstr ":445"",确保
echo      关闭445端口,建议在微软官网下载MS17-010补丁,选择对应的版本进行补丁安装,补
echo      丁下载地址:https://www.hack520.com/513.html。        
echo.     
echo    * 注:恢复功能用于恢复加固功能所关闭的服务及屏蔽的端口。
echo.
echo    * 必须以系统管理员身份运行,以下提供此工具所做的操作的介绍:
echo.
echo       1:WIN7加固       11: WIN7加固恢复
echo       2:WIN10加固      12:WIN10加固恢复
echo       3:WIN2003加固    13:WIN2003加固恢复
echo       4:WIN2008加固    14:WIN2008加固恢复
echo       5:WIN2012加固    15:WIN2012加固恢复
echo       6:WIN2016加固    16:WIN2016加固恢复
echo.  
echo       7: 退出                                                              
echo                                                       绿盟科技 V1.4                      
echo                                                      www.nsfocus.com 
echo                                                                  
echo ---------------------------------------------------------------------------------
echo.
set start=
set /p start=    输入(1 2 3 4 5 6)后按回车键:
if "%start%"=="1" goto WIN7
if "%start%"=="2" goto WIN10
if "%start%"=="3" goto WIN2003
if "%start%"=="4" goto WIN2008
if "%start%"=="5" goto WIN2012
if "%start%"=="6" goto WIN2016
if "%start%"=="11" goto WIN7X
if "%start%"=="12" goto WIN10X
if "%start%"=="13" goto WIN2003X
if "%start%"=="14" goto WIN2008X
if "%start%"=="15" goto WIN2012X
if "%start%"=="16" goto WIN2016X
if "%start%"=="7" goto quit
goto NSFOCUSXA

:WIN7
net stop server /Y > nul
sc config lanmanserver start= disabled
netsh advfirewall set currentprofile state on > nul
netsh advfirewall firewall add rule name="DenyEquationTCP" dir=in action=block localport=445 remoteip=any protocol=tcp > nul
netsh advfirewall firewall add rule name="DenyEquationUDP" dir=in action=block localport=445 remoteip=any protocol=udp > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows 7系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN10
net stop server > nul
sc config lanmanserver start= disabled
netsh firewall set opmode enable > nul
netsh advfirewall firewall add rule name="DenyEquationTCP" dir=in action=block localport=445 remoteip=any protocol=tcp > nul
netsh advfirewall firewall add rule name="DenyEquationUDP" dir=in action=block localport=445 remoteip=any protocol=udp > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows 10系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN2003
net stop server > nul
net start sharedaccess > nul
sc config lanmanserver start= disabled
netsh firewall add portopening protocol = ALL port = 445 name = DenyEquationTCP mode = DISABLE scope = ALL profile = ALL > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2003系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA

:WIN2008
net stop server /Y > nul
sc config lanmanserver start= disabled
netsh advfirewall set currentprofile state on > nul
netsh advfirewall firewall add rule name="DenyEquationTCP" dir=in action=block localport=445 remoteip=any protocol=tcp > nul
netsh advfirewall firewall add rule name="DenyEquationUDP" dir=in action=block localport=445 remoteip=any protocol=udp > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2008系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA

:WIN2012
net stop server > nul
net start MpsSvc > nul
sc config lanmanserver start= disabled
netsh advfirewall firewall add rule name="DenyEquationTCP" dir=in action=block localport=445 remoteip=any protocol=tcp > nul
netsh advfirewall firewall add rule name="DenyEquationUDP" dir=in action=block localport=445 remoteip=any protocol=udp > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2012系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN2016
net stop server > nul
sc config lanmanserver start= disabled
netsh advfirewall firewall add rule name="DenyEquationTCP" dir=in action=block localport=445 remoteip=any protocol=tcp > nul
netsh advfirewall firewall add rule name="DenyEquationUDP" dir=in action=block localport=445 remoteip=any protocol=udp > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2016系统加固命令执行完毕!
echo .
pause
goto NSFOCUSXA


:WIN7X
net start server /Y > nul
sc config lanmanserver start= auto
netsh advfirewall set currentprofile state on > nul
netsh advfirewall firewall delete rule name="DenyEquationTCP" > nul
netsh advfirewall firewall delete rule name="DenyEquationUDP" > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows 7系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN10X
net start server > nul
sc config lanmanserver start= auto
netsh firewall set opmode enable > nul
netsh advfirewall firewall delete rule name="DenyEquationTCP"  > nul
netsh advfirewall firewall delete rule name="DenyEquationUDP"  > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows 10系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN2003X
net start server > nul
net start sharedaccess > nul
sc config lanmanserver start= auto
netsh firewall delete portopening protocol = TCP port = 445 > nul
netsh firewall delete portopening protocol = UDP port = 445 > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2003系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA

:WIN2008X
net start server /Y > nul
sc config lanmanserver start= auto
netsh advfirewall set currentprofile state on > nul
netsh advfirewall firewall delete rule name="DenyEquationTCP"  > nul
netsh advfirewall firewall delete rule name="DenyEquationUDP"  > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2008系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA

:WIN2012X
net start server > nul
net start MpsSvc > nul
sc config lanmanserver start= auto
netsh advfirewall firewall delete rule name="DenyEquationTCP"  > nul
netsh advfirewall firewall delete rule name="DenyEquationUDP"  > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2012系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA
:WIN2016X
net start server > nul
sc config lanmanserver start= auto
netsh advfirewall firewall delete rule name="DenyEquationTCP"  > nul
netsh advfirewall firewall delete rule name="DenyEquationUDP"  > nul
echo ---------------------------------------------------------------------------------
echo    *  Windows Server 2016系统加固恢复命令执行完毕!
echo .
pause
goto NSFOCUSXA

点击下载勒索病毒安全加固工具 1.4 最新版

    • 本文标签:
    • 人气热度:439
    • 生产日期:2019年3月28日 - 10时42分15秒

    error: Content is protected !!